“Privacy is central to almost every major issue of our time, from immigration and reproductive rights to criminal justice, national security, and the environment,” noted Michael Price, a counsel at the Brennan Center for Justice at NYU School of Law in Time magazine. Given the passions around those issues and the heating up of those debates, expect some sharp changes to the federal government’s privacy approach over the next few years.

Earlier in March, the Federal Communications Commission (FCC) halted a new set of data security rules that would have made it harder for internet service providers to sell information on their users’ intimate browsing habits to third parties.

Currently, internet providers are able to sell data on customers’ web browsing habits to third-party buyers like advertising companies. This past October, the FCC approved new privacy rules that would require explicit consent from customers to do this.

But Ajit Pai, the new FCC chairman, put these plans on hold. In a statement, Pai and acting FTC chairman Maureen K. Ohlhausen said they want new rules to meet the Federal Trade Commission’s less stringent privacy requirements:

We disagreed with the FCC’s unilateral decision in 2015 to strip the FTC of its authority over broadband providers’ privacy and data security practices, removing an effective cop from the beat. The FTC has a long track record of protecting consumers’ privacy and security throughout the internet ecosystem. It did not serve consumers’ interests to abandon this longstanding, bipartisan, successful approach.

Since Trump entered office, the news media has regularly reported on phones and social media being searched at the airport. Although this also took place during the Obama era, anecdotal reports suggest that immigration officers are now requesting these searches of more travelers, and of both citizens and non-citizens.

It’s a troubling and abrupt change from the previous administration’s policy, notes Mozilla’s chief business and legal officer, Denelle Dixon. “[The] real focus is not having rights at the border with respect to passwords and digital data. From our standpoint, that’s a pretty big shift. Obviously, social media is something that is public, and border patrol agents would have access to. However, the notion of taking devices and getting passwords at the border–we find that really hostile to privacy and security, generally. There’s no formal policy we see on that, we’ve seen that shift a bit, and that’s a concern for us.”

Also, Dixon notes, it appears that the unwritten rules in regard to how homeland security agencies view citizens and non-citizens has changed. “Homeland agencies have historically not differentiated between the two and have treated both on a similar level, even if it was not formal policy of the United States. But we’re definitely seeing more differentiation of privacy rights of Americans and non-Americans at the border and elsewhere; that’s something for us to watch in terms of trends.”

Because the Trump administration has been in power for a month and a half and many key bureaucratic positions remain unfilled, there has been a lot of speculation over what the next four years hold for both online and offline privacy.

This speculation focuses on two areas.

advertisement

The first is Trump’s long-awaited cybersecurity executive order, which was scrapped at the last minute in January. The executive order would have overhauled the U.S. government’s approach to cybersecurity, requiring government agencies to overhaul their cybersecurity efforts and an administration-wide risk review, but was canceled for unclear reasons.

Several drafts of the text were leaked to the press. Although most of the text deals with government cybersecurity enhancements, it encourages the private sector to implement strong security measures–a move that could well have privacy ramifications, depending on the bill’s future wording.

A revised version of the cybersecurity executive order is expected in the future; according to Foley Hoag’s Aaron Lang, “The drafts are relatively tame compared to some of the president’s other executive orders.

“The first draft would have created four review panels to report to the president on issues ranging from U.S. cyber capabilities and vulnerabilities to the identification of cyber adversaries. The second draft sounds similar themes, and maintains elements of those reviews, but places more emphasis on ensuring that federal agencies are prepared to confront cyber threats,” Lang adds.

The second area is the U.S.’s and EU’s privacy shield agreement. These laws, which basically allow U.S. tech companies to operate in the European Union–which has a much different (and stricter) interpretation of customer privacy–have been the subject of tense discussion between the United States and Europe; there was speculation in January that an executive order could upend much of the privacy shield. While the privacy shield framework remains in place, the smart money is on more tension between the U.S. and EU over the next few years.